add basic zcap impl based on linked-data-documents #189

chunningham · 2021-05-24T10:35:56Z

An implementation of the ZCAP-LD specification. The struct is generic over caveats and actions to allow for application-specific definitions of these fields, as they are out of scope for the spec.

wyc · 2021-05-26T14:37:22Z

#125

src/zcap.rs

src/vc.rs

src/zcap.rs

clehner · 2021-06-21T19:45:28Z

examples/zcap_invocation.jsonld

+ "id": "urn:uuid:ad86cb2c-e9db-434a-beae-71b82120a8a4",
+ "capabilityAction": "Drive",
+ "proof": {


There is a whitespace inconsistency here.

It would be nice if the example files were usable/verifiable. But testing the parsing is good too.

src/zcap.rs

clehner · 2021-06-21T20:04:01Z

Nice work @chunningham, I like the use of generic type parameters.

agropper · 2021-06-28T21:56:10Z

Is there a particular use-case or set of use-cases that Spruce has in mind?

wyc · 2021-06-29T14:40:13Z

@agropper we are using zcaps for https://github.com/spruceid/kepler

wyc · 2021-06-30T14:24:23Z

Closes #125

clehner · 2021-06-30T16:23:49Z

src/ldp.rs

@@ -615,6 +615,7 @@ async fn sign(
        created: Some(options.created.unwrap_or_else(now_ms)),
        domain: options.domain.clone(),
        challenge: options.challenge.clone(),
+        property_set: options.property_set.clone(),


As mentioned in https://github.com/spruceid/ssi/pull/189/files#r661613315:

I don't think property_set should be passed through into the proofs. There may be issue options that we don't support or know about but that are supposed to have a meaning other than passing them through into the proof. e.g. credentialStatus issue option is supposed to cause a credentialStatus object to be added to the document rather than to the proof: https://github.com/w3c-ccg/vc-http-api/blob/7c72ae2b470ff8dfec12d3b6c3de4f84c6f2a176/packages/vc-http-api-test-server/__tests__/issueCredential.spec.js#L130-L148

Maybe the options object with open-ended property_set, or the property_set alone, could be transcoded into a stricter version that is parameterized by the proof type and purpose (like in feat/generic_proof), so unknown properties would be caught at that point? Or it could be done non-generically, for the sake of just this PR.

I experimented with generic property_sets for both Proof and LinkedDataProofOptions where the property_set type P for Proof<P> must implement From<&LinkedDataProofOptions<O>> (so that devs can implement how the options translate to custom proof fields). This path is blocked by some custom proof logic (e.g. P256BLAKE2BDigest...2021 expects to add the publicKeyJwk field to the proof properties). Will try a non-generic path.

property_set has been removed from LinkedDataProofOptions in favour of changing the ProofSuite trait to accept an additional extra_proof_properties: Option<Map<String, Value>> argument for sign and prepare.

src/ldp.rs

src/zcap.rs

Co-authored-by: Charles Lehner <charles.lehner@spruceid.com>

wyc · 2021-07-07T14:11:18Z

#125

chunningham force-pushed the feat/zcap_ld branch from aaff700 to 38676f3 Compare June 3, 2021 13:21

chunningham marked this pull request as ready for review June 17, 2021 13:42

chunningham requested a review from clehner June 17, 2021 14:36

chunningham force-pushed the feat/zcap_ld branch from 8ca6458 to 6ccdb1d Compare June 17, 2021 16:24